Hi
I´m using Nextcloud 20.0.8 and NextcloudPI 1.35.0.
I chose port 4444 for my nextcloud, (in the recent past it works like a charm).
After a time when I go to the my nextcloud https://aabento.pt:4444 it started given a message that the page is not safe anymore in all browsers.
Another error was that “fail SSL renewal”.
If I try to renew the Letsencrypt certificate it works well with no error.
Because I’m not an expert I tried several solutions indicated in foruns but nothing work up to now.
Could anyone point me the way to solve this problem.
Thank you in advance.
[ letsencrypt ] (Sun Feb 28 14:09:52 GMT 2021)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/ncp
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/aabento.pt-0002/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/aabento.pt-0002/privkey.pem
Your cert will expire on 2021-05-29. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
“certbot renew”
If you like Certbot, please consider supporting our work by:
When I looked through your post again, I noticed that the client had apparently created a new certificate instead of renewing the existing one. You can see this from the fact that there is a -0002 in the name of the folder…
Maybe the initial certificate had names included that now do not exist anyore…?
Questions:
How do you issue your certificats? acme, certbot…? …and on what OS is it installed?
What can you do about it?
you can leave it that way and adjust the path in your web server config with the risk that this will happen again the next time you renew the certificates
You can delete all existing certificates and reissue them. That’s what I would do.
»»»»»»You can delete all existing certificates and reissue them. That’s what I would do.»»»»»»»»
How can I do this?
My System.
System Info
NextCloudPi version v1.35.0
NextCloudPi image NextCloudPi_03-28-20
distribution Raspbian GNU/Linux 10 \n \l
automount yes
USB devices sda
datadir /media/myCloudDrive/ncdata
data in SD no
data filesystem btrfs
data disk usage 29G/932G
rootfs usage 4.1G/29G
swapfile /var/swap
dbdir /media/USBdrive/ncdatabase
Nextcloud check ok
Nextcloud version 20.0.8.1
HTTPD service up
PHP service up
MariaDB service up
Redis service up
Postfix service up
internet check ok
port check 80 open
port check 443 open
IP 192.168.1.68
gateway 192.168.1.1
interface eth0
certificates aabento.pt
NAT loopback yes
uptime 1day
I can’t provide you with an exact step by step guide for your system, because I don’t really know enough details about NextcloudPi. I had a similar issue once on my manual installation and i did the following steps:
When you said
---------->Copied the content of the old virtualhost-le-ssl.conf back into the newly created file, except for the lines concerning the certificates.<------------
you mean this two lines in my mextcloud.conf?
------------->>>>>>SSLCertificateFile /etc/letsencrypt/live/aabento.pt/fullchain.pem
---------->>>>>>SSLCertificateKeyFile /etc/letsencrypt/live/aabento.pt/privkey.pem
You could also simply adjust the paths in the config file accordingly. Maybe in in this case it is better to try that first, and only go further if the problem occurs again in the future. I cannot guarantee you, that my method works exactly the same way on your system as it did on mine, because as I said, I don’t know NextcloudPi that well. As far as I know they implemented the function to issue certificates also in the ncp-admin interface. If you decide to go further and delete the certs as I described, you should probably use the ncp-admin panel to get the new certificates, instead of using certbot directly like I did. And make sure you have backups of the contents of every config file you change or delete.